Two hackers named Ralph Phillip Weinmann and Vincenzo Iozzo secured a prize of $15,000 by hacking iPhone in just 20 seconds at Pwn2Own contest. The hackers found a secure flaw in the iPhone using which they hacked the SMS database in the iPhone. Hackers pointed iPhone browser to a web containing exploit code, and the whole SMS database from iPhone was uploaded to the server where the exploit code existed.

While the attack was used to grab just the SMS data, which would include deleted messages, it could be designed to access contacts, photos, and other data on the iPhone, and without the user having any idea an attack was underway, the hackers said.

It’s a technique similar to that used in jailbreaking iPhone OS 1.x. In OS 1.x days, user simply needed to point his browser to a web and know what! user had a jailbroken iPhone. There are possibilities of taking advantage of recent security flaw and developing an over the air jailbreak for iPhone similar to that of OS 1.x.

But Apple is not going to sit around waiting for a hacker to take advantage of the loop hole. Most probably Apple is already working to patch the flaw. So, we can expect a new firmware update soon… may be firmware 3.1.4 or firmware 3.2.